From f45ed69d4f6bf87aabde7e901c9f8dc93ac795ab Mon Sep 17 00:00:00 2001
From: mharris <mharris@fedoraproject.org>
Date: Wed, 21 Jun 2006 09:27:26 +0000
Subject: [PATCH] - Added xinit-1.0.2-setuid.diff to fix potential security
 issue (#196094)

---
 xinit-1.0.2-setuid.diff | 19 +++++++++++++++++++
 xorg-x11-xinit.spec     | 12 +++++++++---
 2 files changed, 28 insertions(+), 3 deletions(-)
 create mode 100644 xinit-1.0.2-setuid.diff

diff --git a/xinit-1.0.2-setuid.diff b/xinit-1.0.2-setuid.diff
new file mode 100644
index 0000000..277d0f5
--- /dev/null
+++ b/xinit-1.0.2-setuid.diff
@@ -0,0 +1,19 @@
+Index: xinit.c
+===================================================================
+RCS file: /cvs/xorg/app/xinit/xinit.c,v
+retrieving revision 1.4
+diff -u -r1.4 xinit.c
+--- xinit.c	4 Oct 2005 01:27:34 -0000	1.4
++++ xinit.c	19 Jun 2006 21:31:58 -0000
+@@ -692,7 +692,10 @@
+ startClient(char *client[])
+ {
+ 	if ((clientpid = vfork()) == 0) {
+-		setuid(getuid());
++		if (setuid(getuid()) == -1) {
++			Error("cannot change uid: %s\n", strerror(errno));
++			_exit(ERR_EXIT);
++		}
+ 		setpgrp(0, getpid());
+ 		environ = newenviron;
+ #ifdef __UNIXOS2__
diff --git a/xorg-x11-xinit.spec b/xorg-x11-xinit.spec
index fd7a0f0..90fccb6 100644
--- a/xorg-x11-xinit.spec
+++ b/xorg-x11-xinit.spec
@@ -3,7 +3,7 @@
 Summary: X.Org X11 X Window System xinit startup scripts
 Name: xorg-x11-%{pkgname}
 Version: 1.0.2
-Release: 2
+Release: 3
 License: MIT/X11
 Group: User Interface/X
 URL: http://www.x.org
@@ -20,6 +20,8 @@ Source15: xinput.sh
 #       here instead of the xdm package.
 Source16: Xsession
 
+Patch0: ftp://ftp.freedesktop.org/pub/xorg/X11R7.1/patches/xinit-1.0.2-setuid.diff
+
 BuildRequires: pkgconfig
 BuildRequires: libX11-devel
 # NOTE: startx needs xauth in order to run, but that is not picked up
@@ -40,6 +42,7 @@ X.Org X11 X Window System xinit startup scripts
 
 %prep
 %setup -q -n %{pkgname}-%{version}
+%patch0 -p0 -b .setuid
 
 %build
 %configure
@@ -92,6 +95,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man1/xinit.1x*
 
 %changelog
+* Tue Jun 20 2006 Mike A. Harris <mharris@redhat.com> 1.0.2-3
+- Added xinit-1.0.2-setuid.diff to fix potential security issue (#196094)
+
 * Tue Jun 06 2006 Mike A. Harris <mharris@redhat.com> 1.0.2-2
 - Added "BuildRequires: pkgconfig" for bug (#194187)
 
@@ -128,7 +134,7 @@ rm -rf $RPM_BUILD_ROOT
 * Fri Nov 11 2005 Mike A. Harris <mharris@redhat.com> 0.99.3-3
 - Updated to xinit 0.99.3 from X11R7 RC2.
 
-* Mon Nov 7 2005 Mike A. Harris <mharris@redhat.com> 0.99.2-3
+* Mon Nov 07 2005 Mike A. Harris <mharris@redhat.com> 0.99.2-3
 - Added "Provides: xinitrc = 5.0.0-1" for temporary compatibility between
   monolithic and modular X.  This will be removed however for FC5.
 
@@ -141,7 +147,7 @@ rm -rf $RPM_BUILD_ROOT
 - Updated to xinit 0.99.2 from X11R7 RC1.
 - Change manpage location to 'man1x' in file manifest.
 
-* Wed Oct  5 2005 Mike A. Harris <mharris@redhat.com> 0.99.0-2
+* Wed Oct 05 2005 Mike A. Harris <mharris@redhat.com> 0.99.0-2
 - Use Fedora-Extras style BuildRoot tag.
 - Update BuildRequires to use new library package names.
 - Tidy up spec file a bit.